Decrypting network traffic at the hackerspace

You know the VU meter showing the network traffic on our Internet connection. The needle also bounces when the hackerspace is empty. Looking a bit more closely shows that it’s mostly encrypted traffic. What is going on here?

To store our members' credentials and information for our WiFi network and our Openduino lock system, we use LDAP, a kind of database.

The LDAP server at the hackerspace communicates and synchronises regularly with our master LDAP server on the Internet over a permanent IPsec/OpenVPN tunnel with strong crypto.

Another VPN is the one that only gets activated for the annual Chaos Communication Congress. During the congress, the network at the conference gets extended to the hackerspace with its own dedicated WiFi access point and without any connection to a syn2cat network. Don’t connect to it unless you are prepared to completely reinstall your device and are sure it doesn’t contain any confidential data. On the other side of that tunnel are some black hats waiting for easy prey. Please don’t use syn2cat’s computers to connect there.

Other pseudo VPNs are those established by our members using ssh to either enter or exit the hackerspace’s network. SSH can easily be used to tunnel a secure connection for any program; see Gunstick’s ssh presentation to learn more. If you want to know how to set up your own VPN, visit a cryptoparty, where you can get help or ask a friendly syn2cat member.

The last category of communication that happens without people at the space, and is generally unencrypted, includes things like Openduino updating the status, computers that were not shut down, servers syncing their time from the Internet or checking for updates, Raspberry Pis left turned on and communicating via the Internet, etc.

Please don’t run a Tor node (client is ok) or Freenet inside the space, as it quickly eats up all available bandwidth. The same goes for any peer-to-peer software. Stop the torrent client on your laptop before connecting to the syn2cat LAN.

It is a good idea to always use encrypted protocols, e.g. https, imap+ssl, smtp+ssl — not just at public hotspots, hotels, and conferences, but also at the hackerspace and at home. Even the most secure network can’t fully protect you from a bad guy who wants to sniff unencrypted secrets.
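
As an added example (not part of the original post), here is a rough way to see which of the traffic categories described above is moving the needle, by grouping flow records by destination port. The flow records are constructed, and the category names and port lists are assumptions based on well-known default ports; a port number is only a hint and does not prove a flow is encrypted.

```python
from collections import Counter

# Well-known default ports; a port is only a hint, not proof of encryption.
VPN = {("udp", 500), ("udp", 4500), ("udp", 1194), ("tcp", 1194)}  # IKE, IPsec NAT-T, OpenVPN
SSH = {("tcp", 22)}
TLS = {("tcp", 443), ("tcp", 993), ("tcp", 465), ("tcp", 636)}  # https, imaps, smtps, ldaps

# Constructed flow records "<proto> <dst_port> <bytes>" (not real syn2cat data).
SAMPLE_FLOWS = """\
esp - 50000
udp 4500 30000
udp 1194 20000
tcp 22 40000
tcp 443 30000
tcp 993 10000
tcp 80 15000
udp 123 1000
tcp 143 4000
"""

def classify(proto, port):
    """Map one flow to a traffic category (hypothetical category names)."""
    if proto == "esp" or (proto, port) in VPN:  # ESP is IPsec payload, has no ports
        return "vpn-tunnel"
    if (proto, port) in SSH:
        return "ssh"
    if (proto, port) in TLS:
        return "tls-application"
    return "cleartext-or-unknown"  # http, imap, ntp, ... or anything unrecognised

def summarize(text):
    """Sum bytes per category, skipping blank or malformed lines."""
    totals = Counter()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 3 or not fields[2].isdigit():
            continue
        proto, port, size = fields
        totals[classify(proto.lower(), int(port) if port.isdigit() else None)] += int(size)
    return totals

def shares(totals):
    """Percentage of total bytes per category, largest first."""
    grand = sum(totals.values())
    return {cat: round(100 * n / grand, 1) for cat, n in totals.most_common()}

if __name__ == "__main__":
    for cat, pct in shares(summarize(SAMPLE_FLOWS)).items():
        print(f"{cat:22s} {pct:5.1f}%")
```

Anything that lands in the last bucket is worth a closer look: it is either a cleartext protocol that has an encrypted counterpart, or traffic on a port the lists above do not cover.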
